iptables

Documentation

Index

• func ParseIngressRules(r io.Reader) (firewall.IngressRules, error)
• type AcceptInternalCommand
  • func (c AcceptInternalCommand) Render() string
• type DropCommand
  • func (c DropCommand) Render() string
• type IngressRuleCommand
  • func (c IngressRuleCommand) Render() string

Functions

func ParseIngressRules

func ParseIngressRules(r io.Reader) (firewall.IngressRules, error)

ParseIngressRules parses the output of "iptables -L INPUT -n", extracting previously added ingress rules, as rendered by IngressRuleCommand.

Types

type AcceptInternalCommand

type AcceptInternalCommand struct {
	DestinationAddress string
	DestinationPort    int
	Protocol           string
}

AcceptInternalCommand represents an iptables ACCEPT target command, for accepting traffic, optionally specifying a protocol, destination address, and destination port.

This is intended only for allowing traffic according to Juju's internal rules, e.g. for API or SSH. This should not be used for managing the ingress rules for exposing applications.

func (AcceptInternalCommand) Render

func (c AcceptInternalCommand) Render() string

Render renders the command to a string which can be executed via bash in order to install the iptables rule.

type DropCommand

type DropCommand struct {
	DestinationAddress string
	Interface          string
}

DropCommand represents an iptables DROP target command.

func (DropCommand) Render

func (c DropCommand) Render() string

Render renders the command to a string which can be executed via bash in order to install the iptables rule.

type IngressRuleCommand

type IngressRuleCommand struct {
	Rule               firewall.IngressRule
	DestinationAddress string
	Delete             bool
}

IngressRuleCommand represents an iptables ACCEPT target command for ingress rules.

func (IngressRuleCommand) Render

func (c IngressRuleCommand) Render() string

Render renders the command to a string which can be executed via bash in order to install the iptables rule.